Unrated severityNVD Advisory· Published Apr 15, 2021· Updated Aug 3, 2024
Clear text exposure of password in McAfee CSR ePO extension
CVE-2021-23884
Description
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway (MWG) or the password of the McAfee Web Gateway Cloud Server (MWGCS) read only user used to retrieve log files for analysis in CSR.
Affected products
2<2.8.0+ 1 more
- (no CPE)range: <2.8.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.